Archive for September 2012

Since from few days I am getting my hands dirty with Microsoft update services. I am working in an environment where patching play’s very important and vital role . So , I built my lab to understand the process in depth and found some useful stuff which I want to share here.

Today , I will describe ,

Why WSUS over Microsoft Update site (Manual stuff )?

Known Issues with WSUS 3.0 SP2 3.2.7600.226

Can I download the updates from microsoft even my client systems are pointing to the internal WSUS server?

Question 1 : Why WSUS over Microsoft Update site (Manual stuff )?

Answer – We all know WSUS is the central database software which distribute the updates which an administrator approves for all the server/client machines . WSUS Knocks down manual task of installing updates on all the computers ( I can not imagine , if I have 300 systems , I can not go to the systems one by one and check for updates manually every month) . Hence WSUS .

If any one what to know about this in deeper , I would suggest them to go through the below links ( Which even I did to understand the concepts)

Above link has everything if you are looking to learn WSUS ,Specially deployment guide and installation and operations guide.

Question 2.Known Issues with WSUS 3.0 SP2 3.2.7600.226?

One of the most encountered error with WSUS 3.2.7600.226 is 800B0001 . If you see this error code in your windowsupdate.log file then it is WUAgent Compatibility issue . The Reason behind this error code is WUAgent version , Basically If any one of your client (Where this error code is popping up) has this error then first you need to check its WUAgent Version ( How to check WUAgent Version is Here ) If the WUAgent version is 7.6.7600.256 (which is the latest ) then you need to download the agent to 7.4.76000.226.

WUAgent 7.6.7600.256 will not go well with the WSUS 3.0 SP2 3.2.7600.226 , This will cause the Agent to stop searching for updates from WSUS server . Below is the link which explains it better

Download the WUAgent 7.4.76000.226 from here and store in it C:\Temp folder

Open command prompt and go to C:\Temp directroy

Run WindowsUpdateAgent30-<platform>.exe/quiet /norestart /wuforce . This is open up a dialog box and force the installation of WUAgent 7.4.7600.226

Again go to command prompt and run C:\wuauclt.exe /resetauthorization /detectnow . This is detect/reports the client to WSUS

Question 3 – Can I download the updates from microsoft even my client systems are pointing to the internal WSUS server?

Answer – Yes . You can download the udpates directly from microsoft , even if your client systems are pointing to the WSUS (Check Regsitry key on client system to know whether it is pointing to WSUS Server , Registry : HKLM/Software/Policies/Microsoft/Windows/WindowsUpdate/AU Key UseWUServer set to 1 it is using WSUS , if set to 0 then not using the WSUS).

One Can go to control panel , Automatic updates and click on install updates from “Windows Update Web Site”

Note – when you click on this , client system directly contacts and the windows update web site and it will list out the appropriate updates . One can select the update and discard updates depending one the OS and the needs.

When you are carrying out this procedures you might see some error messages in windowupdate.log file , you can ignore them. Basically these are generated due to your client registry setting are made to contact your internal WSUS server for updates.

Hope this helps . This is what I have learnt in a month of my research 🙂 .